SECURITY BREACH RESPONSE
Per the Data Security Procedures, Roles and Responsibilities, Users and Data Security Officers must report any known Security Breach or any incident that is likely to cause a Security Breach. These incidents include thefts of computer devises, viruses, worms, or computer “attacks” that may lead to unauthorized access to confidential information.
Immediately upon becoming aware of a likely Security Breach, the Chief Information Security Officer shall notify the Washington State Office of the Chief Information Officer (OCIO). ITS Security and the College’s Risk Manager shall conduct an investigation.
The OCIO shall determine what, if any, actions the College is required to take to comply with applicable law, including whether any notification is required under the law.
The Chief Information Security Officer shall work with the College's Risk Manager and other administrators as appropriate to ensure that any notifications and other legally required responses are made in a timely manner.
If the event involves a criminal matter, the SPSCC Security Department shall be notified and shall coordinate its response with the OCIO and the College's Risk Manager.
ITS Security and the College’s Risk Manager shall investigate and review the incident with the department(s) directly affected by the incident, and the appropriate Data Security Officer(s).
The College’s Chief Information Security Officer shall prepare a formal report that will be distributed to the Data Security Committee and appropriate department members immediately after finalization of the investigation.
Quarterly, or as necessary, the College’s Chief Information Security Officer and the Risk Manager will present a summary of data security investigations and/or relevant data security updates to the Data Security Committee, who shall conduct a post-incident review of events and determine, what, if any changes should be made to College practices or policies to help prevent similar incidents.
The Committee shall document the College’s actions in response to a Security Breach and its post-incident review in the minutes of the meeting in which the breach is discussed.
The College reserves the right to monitor network traffic, perform random audits, and to take other steps to insure the integrity of its information and compliance with this policy. Requests for audits of employee or student computers based on specific concerns may be initiated by any college employee to the Human Resources Department, who may initiate a review by IT Services.
Violations of this policy may lead to appropriate disciplinary action, which may include temporary or permanent restrictions on access to certain information or networks. Willful or repeated violations of this policy may result in dismissal from the College.